On Jan 23, 2024, Apple released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to fix a zero-day flaw that was actively being exploited. The flaw, identified as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. Apple acknowledged that the issue may have been exploited and has released updates for various devices and operating systems to address the vulnerability. Additionally, Apple backported fixes for CVE-2023-42916 and CVE-2023-42917 to older devices. This announcement comes on the heels of reports that Chinese authorities have used known vulnerabilities in Apple’s AirDrop functionality for law enforcement purposes. If you found this article interesting, follow us on Twitter and LinkedIn for more exclusive content.